AI agents can now hold virtual Visa cards, execute purchases autonomously, and settle transactions with other agents. Every major payment network is racing to build the rails. For fintech founders, this is not a feature to bolt on. It is a new category of financial infrastructure emerging in real time.

The stakes are large. McKinsey estimates $3 to $5 trillion in global agentic commerce by 2030. Yet the infrastructure remains dangerously fragmented, with competing payment protocols, no interoperability, and a liability vacuum that no legal framework has fully addressed. Before getting into who is building what, it helps to understand what "agentic payments" actually means in practice.

Four layers of agent commerce

Most of what people call agent commerce today is not truly autonomous. There are four distinct layers.

Layer one: you research a product using an AI assistant and place the order yourself. Layer two: the agent finds the product and you confirm the payment. Layer three: you set a condition and the agent buys automatically when it is met. All three of these layers still use your payment credentials.

Layer four is where things get genuinely different. Your agent needs to call another model's API, purchase a dataset to complete a task, or hire a sub-agent to handle a subtask. In these scenarios, the agent is not using your card. It needs its own payment credentials. The current workaround is for developers to buy access on the agent's behalf and hand over credentials. That is not agency. That is acting as a purchasing agent.

Virtual cards are the first serious answer to this problem.

What agent-native virtual cards actually do

A product like AgentCard makes the mechanics concrete. You top up a balance, the agent calls a tool like create_card(amount=$50), and the provider issues a one-time prepaid Visa card locked to exactly that amount. The card is single-use, automatically deactivated after the transaction, and the agent never sees your underlying funding source. No overdraft risk. No credential exposure.

This is not just a developer toy. It reflects a structural shift in how software budgets will work: per-task allocation replacing per-employee card programs.

Three conditions matured simultaneously to make this possible. The demand side arrived with a new class of software builders: 25% of YC's Winter 2025 batch has over 95% of its codebase generated by AI, and 67% of Bolt.new's five million users are non-professional developers. On the supply side, APIs like Stripe Issuing made virtual card issuance programmable. And at the network layer, Visa and Mastercard both shipped agent payment protocols in 2025, with Cloudflare and Fiserv following quickly. Everyone saw the same thing: agents need their own financial infrastructure.

A three-layer solution stack

Virtual cards solve the compatibility problem but they inherit a core limitation from traditional card rails: slow settlement. When a merchant receives a card payment, funds can take days or weeks to clear. For an agent managing high-frequency micropayments across APIs and sub-agents, that lag compounds quickly. Cross-border fees add further friction.

The x402 protocol, developed by Coinbase with Cloudflare, addresses this at the HTTP layer. An agent sends a request, the server responds with a 402 status code and a price, the agent signs a USDC transfer, and the data is returned. No account registration, no subscription, pay-as-you-go. The entire transaction is a single HTTP exchange. x402 has already reached $600 million in annualised volume.

These two approaches serve different use cases and are not competing. Virtual cards work wherever Visa is accepted: online retail, SaaS subscriptions, cloud service billing. x402 and similar stablecoin rails work for agent-to-agent payments, API calls, and sub-agent hiring where card rails are either too slow or too expensive.

The three-layer stack that is emerging looks like this. Virtual cards address compatibility with the existing merchant world. Stablecoins address settlement speed and micropayment economics. Native programmable wallets address the governance complexity that emerges when one agent is managing dozens of sub-agents, each with their own transaction history. Which layer matters most depends entirely on what your agent is transacting with today.

This is directly relevant for teams building on open banking infrastructure: the same account-to-account payment rails that power open banking are candidates for the stablecoin-speed settlement layer, without requiring new network relationships.

The infrastructure players

The established networks moved quickly. Mastercard launched Agent Pay in mid-2025, processing its first on-network agentic transaction and rolling out to all US cardholders by November 2025. The system uses Agentic Tokens tied to each authorised agent interaction. In March 2026, Mastercard and Santander completed Europe's first live end-to-end AI agent payment within a regulated banking framework.

Visa responded with Intelligent Commerce, opening VisaNet to developers building AI commerce agents. The suite includes tokenised AI-Ready Cards and Payment Instructions loaded directly into VisaNet. Over 100 partners are in build or sandbox. By December 2025, Visa had completed hundreds of secure agent-initiated transactions in US pilots.

Stripe moved fastest on open protocol. The Agentic Commerce Protocol, co-developed with OpenAI and released in September 2025, powers ChatGPT's Instant Checkout. It introduced Shared Payment Tokens: scoped, time-limited, revocable credentials that let agents initiate payments without exposing underlying card details. Affirm and Klarna both integrated buy-now-pay-later via SPTs in March 2026. Google's Agent Payments Protocol took a different approach, using cryptographically signed Mandates and W3C Verifiable Credentials to create a tamper-proof audit trail that is payment-rail agnostic.

At the startup layer, Skyfire raised $9.5 million from a16z CSX and Coinbase Ventures to build agent identity and KYA (Know Your Agent) infrastructure. Natural raised $9.8 million to build B2B payment rails for agent-led procurement workflows. Payman AI raised $13.8 million with participation from Visa and Coinbase Ventures, building a platform for financial institutions to deploy agent-driven transactions. Kite AI raised $35 million from PayPal and General Catalyst to build a Layer 1 blockchain specifically for agent payment infrastructure.

What this means for spend management

Traditional spend management platforms face a two-wave disruption.

Wave one is actually strengthening them in the short term. Brex launched AI-driven expense automation in fall 2025, claiming 99% of expense reports handled without human review. Ramp Agents, launched in July 2025, catches 15 times more out-of-policy spend than non-AI alternatives with 99% policy enforcement accuracy. Upload a policy document and the agent builds a reasoning graph in minutes. Vendr went a step further with Ruth Negotiations, launching AI agent contract negotiations powered by their dataset of billions in dollars of software purchases. You describe the deal and target price, Ruth analyzes the quote, builds a negotiation strategy, and runs the negotiation on your behalf, handling the tail spend that finance teams typically do not have bandwidth to optimize.

Wave two is more disruptive. When agents transact autonomously via agent-native protocols, settling in stablecoins through programmable wallets with per-task budgets, the concept of a corporate card built around human-in-the-loop approvals becomes structurally misaligned. A card network's 30-cent fixed fee makes micropayments uneconomical. Its assumption of a human authorising each transaction breaks at machine speed. These are not product problems. They are architectural ones. The ERP API integrations that currently connect spend management platforms to ERPs will need to accommodate agent-initiated transaction records that arrive at very different frequencies and formats than human expense submissions.

a16z put it plainly: an agent streaming $0.001 per second to a compute provider and a manufacturer settling a $50,000 vendor invoice can share the same rail, but only on stablecoin infrastructure.

The unsolved liability problem

Every major institution converges on the same unresolved question: who is liable when an agent makes a bad purchase?

The Consumer Bankers Association's January 2026 white paper, convening Bank of America, JPMorgan, PNC, Google, Stripe, Visa, and Mastercard, concluded that under the Electronic Fund Transfer Act, consumers may be liable for mistakes their agents make when they voluntarily grant an access device to an AI. Chargebacks introduce an additional party with no established allocation of responsibility.

Fraud vectors are shifting in parallel. Visa has reported a significant increase in dark web activity around AI agent fraud tooling. The threat model has moved from stolen credentials to hijacked agents: malware that distorts agent behaviour so transactions technically follow preset rules but do not reflect user intent. High-frequency, small-value abuse can overwhelm fraud teams before it shows up as a visible loss.

Authorization standards remain fragmented. Mastercard uses Agentic Tokens, Visa uses Trusted Agent Protocol, Google uses cryptographic Mandates. None of these interoperate. The "Know Your Agent" standard being developed mirrors KYC for machines, but no unified standard exists yet.

Gartner predicts over 40% of agentic AI projects will be cancelled by end of 2027 due to escalating costs or inadequate risk controls. The EU AI Act's 2026 obligations require human oversight and auditability. PSD2's Strong Customer Authentication has no mechanism for treating AI agents as equivalent to human payers.

The historical pattern and where the opportunity is

The pattern here is consistent. eBay created a marketplace of individual sellers who could not get merchant accounts. PayPal solved their payment problem. Independent developers needed to accept online payments without an enterprise sales cycle. Stripe solved it with a few lines of code. Each platform shift produced a new class of merchants that existing rails could not serve. The winner was whoever served them first.

The new merchant class is agents. Millions of builders who could not write production code two years ago are now shipping software with AI. Their agents will transact, and those transactions need infrastructure.

The competitive map has a clear gap. Networks own identity and authorisation. Stripe and Google own checkout protocols. Brex and Ramp own the automation layer for human-in-the-loop workflows. What remains almost entirely unbuilt is the connective tissue: cross-protocol interoperability, real-time policy engines that work across competing standards, agent identity registries, and the audit and liability infrastructure for when things go wrong.

The unified API layer becomes meaningful here. When an enterprise deploys agents across procurement, vendor payments, and sub-agent orchestration, the accounting system of record needs to receive all of it coherently, regardless of whether the underlying transaction settled on a Visa rail, via x402, or through a stablecoin wallet. Normalising agent-initiated transaction data across those surfaces is exactly the kind of integration problem that a unified API layer exists to solve.

Whoever builds the governance layer that makes autonomous spending trustworthy, the compliance infrastructure, the audit trails, the policy engines, and the kill switches that let an enterprise hand an agent a budget and operate confidently, will define the next generation of financial infrastructure. The scaffolding is in place. The real infrastructure has barely started.